Michael Johnson

Do you use 800 million pounds of paper each year? That’s the latest estimate for the average professional – and nearly 20% ends up in landfills. Would your habits change if you were taxed on paper consumption?

The use of paper to record thoughts, plans, transactions, agreements, or anything at all, is nothing new. Ancient Egyptians invented the earliest known type of “paper”, named papyrus from the plant which the material was created. The more modern forms of paper are likely created from a process similar to that invented by the Chinese, who remain the leading paper manufacturers today.

The ability to document everything from knowledge and information to financial transactions and taxes brought the foundation of the technological era – though not quite as we see it today. For the first time in history, accountability no longer relied on memory or spoken word, but the origin of the “paper trail” concept.

One of the earliest modern ways we’ve found to scale back paper use is the predecessor to the smartphone, the personal digital assistant (PDA), like the Palm Pilot. Migrating from paper planners to a handheld organizer enabled professionals to have easy calendar access, along with a variety of other resources like the Internet and telephone.

• Would it surprise you to know that the first person to coin the phrase “PDA” was a former Apple CEO, John Sculley?

The intended purpose of technology is to improve our lives and simplify our tasks. For example, email was designed, in part, to expedite communication in a cost-efficient manner. Written communication that previously took more than a week to deliver via U.S. mail with the added cost of a postage stamp and envelope – also relying on the correct mailing address of the recipient – was now nearly free and instantaneous. The fax machine was intended to serve this same purpose of timely delivery, but still involved paper waste. In fact, fax machines created a unique problem: the sender had to have a print copy to scan and fax, and the recipient thus received a paper copy of the message. In the case of email, technology should decrease the use of paper, and successfully has.

The average professional has indeed cut back on paper use. Statistics vary, but no matter how you look at it, we consume far too much paper for the amount of technology we have at our disposal. Notice the word “consume”? The sad reality is that not all consumed paper is used. Have you ever visited a print station only to have to dig through sheets to find the printed document(s) you’re looking for? How many times do you see the same sheets that never get picked up?

• Every year, organizations look to trim costs from their budget in unique ways, but rarely are paper costs fully considered. It’s estimated that U.S. companies spend $120 million annually on printed documents – a number that can, and should, easily be reduced.

Companies like Microsoft are trying to facilitate less paper consumption, and therefore, less waste. From online storage with Microsoft OneDrive or SharePoint, where users can store, share, and access files from anywhere without needing to produce paper copies, to collaborative software solutions like Microsoft Teams or Microsoft Project which help groups jointly communicate in real time, modern solutions are geared toward less paper consumption.

One industry where paper consumption has significantly decreased in recent years is the medical field. Patient charts used to be entirely paper, including test results, office visit notes, and full patient history. For large medical practices, this involves a lot of expensive real estate for a physical item that isn’t often used. The movement toward electronic health records is more efficient in every way: cost savings for less paper and less space taken, easy to share and access from anywhere, and less chance of a test result or document getting lost or damaged.

Banking is another industry to vie for the record of worst offender in terms of paper consumption. Between lending for auto purchases or mortgages and account statements, banks recognize the high-consumption of paper and have (slowly) been moving toward online signatures, email statements, and digital records.

Even major metropolitan areas are jumping on the “green” bandwagon. Bike lanes are being rolled out in cities across the country. Mass transit light rail systems are being installed and adopted for easy navigation and decreasing carbon footprints and toxic emissions. On the smaller scale, but no less important, it’s becoming more common for consumers to be emailed a receipt at a point of purchase, rather than have a paper receipt printed at the time of transaction. Most cities have designated locations to return printer ink cartridges for recycling to help cut down on waste.

• Commonly purchased with large print workstations are service agreements to maintain the printer. Rather than a set cost, these agreements are based on use and consumption, with fees for black-and-white documents ranging from 5¢ to 12¢ on average, and color documents ranging from triple to more than five times the cost of black-and-white fees. By comparison, cloud storage costs are far more economical!

So, what can you do to help cut down on paper waste, thereby cutting costs for your company?

• Evaluate who uses a printer at your organization and for what purposes.
• Determine if your printer(s) are the most efficient available, and if they are maintained for efficiency.
• Monitor overall usage, and then assess how usage can be decreased.

There are so many ways technology can help decrease print usage and costs, and here are a few to get started:

• Cloud storage
  • This cannot be stated enough. Moving file storage to the cloud is a big leap, but can save you time and money.
  • No more file cabinets taking up real estate.
  • Documents are easier to find, access, and share from anywhere.
• Reusable notebooks
  • Do you or your team still prefer to take handwritten notes? Using a smart notebook like the Rocketbook Wave propels your note-taking into the next century. Once captured, notes can be shared to the cloud using your smartphone. Once the notebook is full, a quick run in the microwave and it’s empty to use again!
• Collaborative platforms
  • We mentioned Microsoft Teams already, but there are countless options available. From Slack to Basecamp, most offer users a similar feature base intended to encourage digital collaboration and eliminate paper waste.

It’s not unheard of to offer incentives to decrease waste, but the greatest incentive is decreasing costs for the organization resulting in increased revenue – and hopefully increased salaries! Decreased paper waste shouldn’t have to rely on staff incentives – and hopefully, it won’t come to taxation, but you never know…so let’s get ahead of the game and help ourselves while helping the planet. Saving two kinds of green – money and Mother Earth – with one effort!

The Situation

Ransomware is now one of the top security concerns for businesses and organizations of all sizes. The City of Atlanta was hit with a ransomware attack called SamSam in March, crippling some important departments like their court system, sewer infrastructure requests, and water billing department.

The attackers who deploy SamSam are known for clever, high-yield approaches. This, combined with the City’s lack of preparedness, explains why the infection was so debilitating.

Experts are telling us that SamSam will strike again. Unlike many forms of ransomware that spread via phishing attacks where individuals inadvertently invite the attack, SamSam exploits IT system vulnerabilities and cracks weak passwords. These ransomware attackers have made $1 million in less than six months.

Keeping all your systems patched, storing data in enterprise-based cloud backups, and having a ransomware preparedness plan can offer real protections against SamSam and other ransomware infections.

Unfortunately, ransomware attacks are on the rise, and as hackers use more sophisticated encryption technology, the threat is constantly evolving. According to malware security firm Barkly, a company is hit with a ransomware attack every 40 seconds. They also identified ransomware as the most prevalent form of malware, with “4.3x new ransomware variants in Q1 2017 than in Q1 2016.”

This article details how dangerous ransomware is, how it could harm your business, and what you should do to protect your data.

Part 1

What is Ransomware?

Ransomware is a type of malicious software (malware) that blocks access to a computer that infects, locks or takes control of a system and demands a ransom to unlock it. It’s also referred to as a crypto-virus, crypto-Trojan or crypto-worm. It then threatens that your data will be gone forever if you don’t pay using a form of anonymous online currency such as Bitcoin.

Most forms of ransomware are spread via spam using unsolicited phishing email or an attachment. Phishing attacks use emails disguised to look like they’re from someone you know and are more likely to trust.

Some ransomware-based applications disguise themselves as police or a government agency, claiming that your system is being locked down for security reasons and that a fine or fee is required to reactivate it. Then it typically asks you to click on a link or attachment to perform a routine task such as updating records or account details. If you do this, a worm or malware is downloaded, infects your system and locks it by encrypting your files.

Ransomware, like SamSam, can also infect your IT system using vulnerabilities in your computer’s browser. It does this when you click on a malicious code hidden in online ads or free software.

Ransomware targets small to medium-sized businesses because they are particularly vulnerable due to limited IT resources. They are also more likely to pay the ransom in the hopes that they’ll get access to their data, although the FBI warns that this isn’t necessarily so.

“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cybercriminals to target more organizations, but it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”

Paying the ransom only guarantees that the malicious actors receive your money, and possibly even banking information. Also, decrypting files does not mean the malware infection itself has been removed.

No one is immune.

• Temporary or permanent loss of sensitive or proprietary information,
• Disruption to regular operations,
• Financial losses to restore systems and files, and
• Potential harm to your organization’s reputation.

The lack of awareness and cybersecurity training is a leading cause of ransomware.

Part 2

Ransomware Comes in Many Forms.

Ransomware comes in many different forms, but essentially, it’s a type of malware that denies access to your computer devices unless you pay a ransom. The ransomware malware encrypts your data. Once it does this, it can travel throughout your network and encrypt other mapped and unmapped network drives. Because of this, it can bring your organization to a halt.

The ever-evolving nature of these threats makes ransomware very difficult to keep track of. (Ransomware-as-a-Service (RaaS) makes it easy for cybercriminals to set up a lucrative hacking scheme. It is provided as a vendor platform on the Dark Web. Unlawful vendors offer hackers and criminals a tool to use to lock down computer files, information or systems and hold them hostage.

Ransom32 is a type of “Ransomware-as-a-Service” that provides any cybercriminal, even those without technical knowledge, the ability to create their own form of ransomware. What makes Ransom32 so dangerous is that it uses JavaScript, and can be used on computers that run Windows, Mac OS X, and Linux.

Over 2,900 types of ransomware have been reported, and they’re growing. Here are just a few:

Bad Rabbit 

Bad Rabbit has infected organizations in Russia and Eastern Europe and is spreading throughout the world. It does this via a fake Adobe Flash update on compromised websites. When the ransomware infects a machine, users are directed to a payment page demanding .05 bitcoin (about $285).

Cerber

This ransomware encrypts your files using AES encryption and demands a ransom of 1.24 bitcoins (worth $500). It communicates via a text-to-speech voice message, a recording, a web page, or a plain text document. There’s no way to decrypt files that are encrypted by Cerber unless you pay the ransom.

Cryptolocker

CryptoLocker infects computers that run Microsoft Windows. Like other forms of ransomware, you must pay the hackers to decrypt and recover your files. CryptoLocker spreads via fake emails (phishing) designed to mimic legitimate businesses.

CryptoWall

This form of ransomware has been around since 2014, but new variants are still circulating, including CryptoBit, CryptoDefense, CryptoWall 2.0, and CryptoWall 3.0. Like CryptoLocker, CryptoWall is distributed by spam or exploit kits.

CryptXXX

CryptXXX used additional capabilities including network-share encryption. This means that even if you can decrypt your files, it can still cause significant downtime by encrypting files on your network shares.

FakeBsod

FakeBsod uses a malicious piece of JavaScript code to lock your web browser. It displays a fake warning message and tells you to go to a particular webpage (that contains the ransomware). The message says to “contact Microsoft technicians” about an “Error 333 Registry Failure of the operating system – Host: Blue screen Error 0x0000000CE.” When you call the phone number, you’ll be asked to pay a fee to fix the problem.

Lockscreen

This form of ransomware isn’t new and has been in use for quite a while. It attacks Android devices. However, now there’s a new version that is more powerful and much more resilient. It used to lock your screen using a hardcoded passcode, but with the right code, you could unlock your device. Today the new version is impossible to reverse-engineer the passcode since it uses pseudorandom passcodes. Because of this, you can’t unlock your device and must pay the ransom.

Locky

If your computers are infected by Locky, it will rename all of your important files and prevent you from opening them. It does this through encryption and using the file extension–locky. Now, only the cybercriminals have the decryption key, and you must purchase it from them to retrieve your files. To do this, you have to go to the Dark Web and pay $400+ in Bitcoin.

NotPetya

This is a strain of Petya and was first seen in 2016. Today, experts believe NotPetya’s sole purpose is to destroy data instead of obtaining a ransom.

Petya

Petya is especially dangerous because it encrypts entire computer systems, and overwrites the master boot record, so you can’t reboot your operating system.

Spider

Spreads via spam emails. It’s hidden in Microsoft Word documents and installs the ransomware on a computer when it’s downloaded. The Word document (typically disguised as a debt-collection notice) executes macros that encrypt your data.

TeslaCrypta

This uses an AES algorithm to encrypt files and is specifically designed to attack Adobe software vulnerabilities. TeslaCrypta installs itself in the Microsoft temp folder.

TorrentLocker

TorrentLocker spreads via spam email campaigns and targets specific geographic regions. It also uses the AES algorithm to encrypt files. It collects email addresses from your address book to spread malware to your business contacts, friends and family members.

WannaCry

WannaCry has hit over 125,000 organizations in over 150 countries. It currently affects Windows machines through a Microsoft exploit known as EternalBlue.

WannaCrypt

This computer attack began locking down data on May 12, 2017. It affects Microsoft Windows Operating systems. WannaCrypt encrypts all the data in on your computer and holds it hostage.

ZCryptor

This form of ransomware uses a worm-like tactic to self-propagate and encrypt files and external drives so that it can attack other computers.

Part 3

How Ransomware Infects Your Computers

Ransomware attacks are increasing, and so are the ransoms to recover your data.

You’ll know when ransomware infects your computer because the hackers display a message telling you how much to pay to unlock your files. These ransoms typically run in the $300-$500 range. But, some businesses are having to pay upwards of $1,000 per computer. If you have 25 computers that are infected, that’s $25,000.

Hackers primarily use the following attack vectors to infect computers:

Phishing Emails

This is the most common scenario. A realistic-looking email is sent to you with a link or attachment that contains the ransomware. Hackers will often send a number of these links or attachments to hide the one with the malware. Once it’s clicked the malicious software loads itself and the ransomware infection spreads throughout your files, locking them until you pay the ransom.

Drive-by-Downloads

If you unknowingly visit a realistic-looking website containing ransomware, it can load itself onto your computer. If you use an old browser, out-of-date software, or third-party applications, you’ll be most vulnerable. A hacker can detect a vulnerability and exploit it. When a software vendor discovers this, they’ll release a patch to repair the issue, but by this time the criminal has already done their dirty work. Examples include unpatched versions of Adobe Flash, a bug in Java or an old web browser, or an unpatched operating system.

Free Software

A lot of us download free versions of software. Some are legitimate, but others contain ransomware. They are especially prominent in broken versions of expensive games, free games, porn content, screensavers or bogus software. By convincing the user that they should download the software, they can get past firewalls and email filters. You might not even know that you’ve done this until the ransomware activates weeks later.

Unpatched Software

According to the U.S. Computer Readiness Team (CERT) using unpatched and unsupported software may increase the risk of proliferation of cybersecurity threats, such as ransomware. Microsoft provides a guide to help you keep your software up to date. They recommend that you use feed update functionality to stay informed about new ransomware variants and what you should do to protect your data.

Part 4

What to Do If Your Files Get Encrypted.

Tell your employees to let you know if they experience the following:

• They can’t open their files, or they get error messages saying a file is corrupted or contains the wrong extension.
• A window pops up with a ransomware program that they can’t close. This window may contain a message about paying a ransom to unlock files.
• A message says that a countdown has started for a ransom to decrypt files and that it will increase over time.
• They see files in all directories with names like “How to decrypt files.txt or decreypt_instructions.html.”

Ransomware isn’t easy to find while it’s at work encrypting your files. So, you might not know that it’s happening until the hacker sends you a message. By this time, the infection has completed its job. The best thing you can do at this point is to contain the virus from spreading throughout your network.

Unplug the infected computer from your network. You may also need to turn off all network access for all your computers until you know the virus is contained. Set your Basic Input Output System (BIOS) time back if the ransomware has started a countdown. This will hopefully give you more time to recover your critical files and try to eliminate the malware. You can access your BIOS time through the BIOS Setup Utility on the computer.

Restore your files from your last backup. This is why it’s important to regularly backup your files to a safe, offsite cloud location. Just make sure your most recent backup wasn’t infected as well. If you use a Disaster Recovery as a Service (DRaaS) solution, you should be able to do this and quickly “spin up” the DR image on your computer. By spinning up the image in a self-contained virtual machine (VM), you can inspect the DR image without exposing it to your entire network.

Alert the FBI. Don’t pay the ransom. This is a mistake because you still may not get your files back and the criminal will continue to extort you for money.

Unfortunately, recovery from ransomware can be difficult as cybercriminals fine-tune their tactics and become more sophisticated.

Part 5

How to Protect Your Data From Ransomware

The good news is that there are best practices you can adopt to protect your business. The Small Business Administration has these 14 recommendations. Your Technology Solutions Provider can help you with these.

1. Implement an awareness and training program. Because end users are targets, employees should be aware of the threat of ransomware and how it is delivered.
2. Enable strong spam filters to prevent phishing emails (an attempt to obtain sensitive information electronically) from reaching employees and authenticate inbound email using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
3. Scan all incoming and outgoing emails to detect threats and filter executable files (used to perform computer functions) from reaching employees.
4. Configure firewalls to block access to known malicious IP addresses.
5. Patch operating systems, software, and firmware on devices. Consider using a centralized patch management system.
6. Set anti-virus and anti-malware programs to conduct regular scans automatically.
7. Manage the use of privileged accounts based on the principle of least privilege: no employees should be assigned administrative access unless absolutely needed and those with a need for administrator accounts should only use them when necessary.
8. Configure access controls—including file, directory, and network share permissions— with least privilege in mind. If an employee only needs to read specific files, the employee should not have write access to those files, directories, or shares.
9. Disable macro scripts (toolbar buttons and keyboard shortcut) from office files transmitted via email. Consider using Office Viewer software to open Microsoft Office files transmitted via email instead of full office suite applications.
10. Implement Software Restriction Policies (SRP)s or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers or compression/decompression programs including the AppData/LocalAppData folder.
11. Consider disabling Remote Desktop Protocol (RDP) if it is not being used.
12. Use application whitelisting, which only allows systems to execute programs known and permitted by security policies.
13. Execute operating system environments or specific programs in a virtualized environment.
14. Categorize data based on organizational value and implement physical and logical separation of networks and data for different organization units.

In Conclusion

The increased incidence and rapid evolution of ransomware have raised concerns and stakes for both small and large businesses. Of everything we’ve discussed here, the two most important things to do to protect your business is to use a solid enterprise-grade cloud backup solution and to provide professional Cybersecurity Awareness Training for your employees. In both cases, your Technology Solutions Provider is your best friend. They’ll help you fight and prevent ransomware and cybercrime of all kinds. Don’t wait. Contact them today

Most business owners are cognizant of the prevalence of fraud in the digital world today. According to Experian’s Global Fraud and Identity Report 2018, almost three-quarters of businesses believe fraud is a growing concern, and nearly two-thirds reported fraudulent losses over the past year.

What is Fraud?

Fraud occurs when an individuals’ payment information is used without their authorization. When hackers breach your network and access your customers’ or clients’ sensitive cardholder information, they have many opportunities to commit fraud numerous times. Anytime someone falsifies an identity and “tricks” a system into thinking the person making a purchase is someone other than who they actually are, this is considered to be fraud.

Fraud is Pervasive in Today’s Digital World

This is because the majority of business and consumer data remains vulnerable. As the value of digital information grows, so does the hacker’s motivation to develop methods to avoid detection from the latest technologies.

The existing account setup process requires consumers to provide extensive amounts of personal information along with passwords and secret questions. And data breaches provide this information to cybercriminals. When this data is stolen, it’s often used for fraudulent activities.

Fraud is a moving target just like the hackers. New tactics are evolving where criminals combine real and fake information to create new identities.

Most business owners just don’t have a handle on this – and they lack confidence in their ability to protect their customers and their companies from fraud.

One of the reasons for this is that their initiatives are mostly reactionary rather than proactive as many continue to use legacy cybersecurity technology rather than investing in new, more sophisticated data protection solutions. As a result, every month that goes by increases their vulnerability and exposure to data breaches and fraud.

Fraud is an ever-present and growing risk

For businesses in e-commerce, managing the risk of fraud is a delicate balancing act between providing an ease of use for customers vs. fraud protection. They struggle with mitigating fraud and providing a positive customer experience. Unfortunately, the customer experience wins out in most cases, and businesses are willing to risk fraudulent losses over losing customers to their competition. Ironically, they are setting their businesses up for reputational damage where they will end up losing customers anyway, fail to gain new ones, and possibly face financial penalties and litigation costs.

The 2017 Cost of Data Breach Study from the Ponemon Institute, sponsored by IBM, puts the global average cost at $3.6 million, or $141 per data record. That’s a reduction in the average cost in 2016, but the average size of data breaches has increased. It’s also worth noting that the average cost of a data breach in the United States is much higher at $7.3 million.

More than 50 percent of businesses say they still rely on passwords as their top form of authentication.¹ And business leaders know that using passwords isn’t the most secure option. But customers are used to them, and business owners want to please them. They also complain that they lack the financial resources to adopt more advanced authentication methods when this would save them legal fees and penalties if/when their customers’ accounts are breached–not to mention their reputation and the future existence of their business. This, of course, is very shortsighted.

How data breaches and fraud are connected

Data breaches and fraud don’t usually occur at the same time and place. Cybercriminals won’t steal a customer’s information and turn around and use it for a purchase from the same business. So. it’s not easy for a business to detect when a breach occurs.

Data breaches are typically detected by using specific security tools that monitor all payment activity. Merchants should follow PCI/DSS Standards to identify and prevent breaches and remain compliant. PCI-DSS audits will help you find vulnerabilities in your system and reveal inadequacies that must be eradicated.

A successful case of fraud spreads like cancer

If a hacker can get one password, they may have the keys to other password-protected accounts. The more online accounts people open, the greater their risk. And most people have quite a few. If the hacker can figure out the password to someone’s email account, they may also have the key to their credit card and banking accounts as well.

You must remain vigilant to prevent data breaches and fraud.

What to do if you suspect fraud

A key indicator of evidence of fraud is in chargebacks where a customer disputes a charge on their credit card, and where you aren’t paid for the service or product. If your chargeback rate increases above a 1% margin, this is a good indication that you’re experiencing fraud.

In this case, you should hire a third-party auditor like an IT Managed Services Provider (MSP) to help bring you back into compliance and stop the thieves. They will detect where the problem(s) exist and if what they find indicates a data breach. PCI-DSS compliance requirements mandate that you do this to stop the fraudulent activity.

Of course, you should contact the card processor as well. They will connect you to the card providers who can often identify the point of access or detect a suspicious pattern of activity.

What You Can Do to Reduce Fraud and Data Breaches.

Use EMV Technology.

EMV (Europay Mastercard Visa) is the global standard to authenticate payment cards. EMV technology can help you protect your business from fraud. It ensures the card is legitimate and that the person using the card is the authorized user.

EMV chips are microprocessors that store and protect cardholder data. They use a unique cryptogram that’s validated by the card issuer. This makes it more difficult for hackers to break the code and steal card information to commit fraud.

Today, if you don’t use an EMV-capable terminal, and the transaction turns out to be fraudulent, you can be held financially liable for that transaction.

EMV has been used in the United Kingdom since 2004, and card-present fraud has gone down by 80% as a result. By comparison, without EMV in the U.S., fraud increased during this time by nearly 70%.

Protect Data in Transit by Using Encryption.

When credit card data is stolen, it’s considered a data breach. Considering the number of card payments your business processes in a month, hackers may view you as the “Pot of Gold at the end of a Rainbow.” In other words, your business is a prime target.

You can help stop the hackers from accessing data in transit by using end-to-end encryption (E2E) and point-to-point encryption (P2PE).

The advantages of end-to-end encryption are:

• That you don’t need a separate key for the decryption of the data.
• You have flexibility in deciding what data to encrypt.
• You can choose specific configurations for more functionality.
• The file size is small, and the processing time is minimal.

Point-to-point encryption encrypts transmitted data as it goes through a designated “tunnel.” This is used most often for credit card information that’s encrypted from the point-of-sale (POS) to the credit card processor.

With encryption, if a breach does occur, and data is stolen, it will be useless to cybercriminals in its encrypted state.

Protect Data at Rest by Using Tokenization.

Tokenization breaks up a sequence of data into pieces such as words, keywords, symbols, phrases, and elements called tokens. Tokens can be words, phrases or even whole sentences. In other words, tokenization keeps cybercriminals from using data by replacing it with meaningless characters. Tokenization is helpful for businesses that store sensitive card data for re-billing. It’s also one of the most effective and affordable ways for businesses to protect their customers’ confidential card data.

Combining encryption and tokenization is one of the best ways to protect your business from the devastating effects of a data breach.

Secure Your IT Environment

• Ask your IT Managed Services Provider (MSP) to set up a next-generation firewall, anti-spam, and anti-virus solutions.
• Ensure your POS and router are on different networks and separate from other systems that access the Internet.
• Don’t use your business POS for surfing the Web. This can expose it to viruses and result in vulnerabilities that can be breached.
• Assign separate login credentials for each user.
• Forbid sharing of login credentials and enforce this.
• Keep your user list up to date and disable accounts that are no longer needed.
• Only provide remote access for users with a clearly identified need.
• Don’t leave remote access software turned on when unattended.
• Keep all software and anti-virus, anti-spam programs up-to-date.
• Regularly run and review scans for malware.
• Regularly have your MSP run vulnerability scans.
• Ask your MSP to train your staff on the latest security threats and what to do if they come across one.
• Train your staff how to detect unauthorized skimming devices that could be installed on POS or credit-card terminals.

Have Your MSP Train Your Employees on Cybersecurity Awareness.

Teach your employees about password security and make sure you enforce this behavior:

• Don’t use words from the dictionary.
• Don’t use names of family members.
• Don’t reuse passwords from your other accounts.
• Don’t write down your passwords or put them where others can see them.
• Consider using a Password Manager (e.g., LastPass or 1Password).
• Use password complexity (e.g., P@ssword1).
• Create a unique password for work separate from your personal use.
• Change passwords at least quarterly.
• Use passwords with 9+ characters.
  • A criminal can crack a 5-character password in 16 minutes.
  • It takes five hours to crack a six-character password.
  • Three days for a 7-character password.
  • Four months for eight characters.
  • 26 years for nine characters.
  • centuries for 10+ characters.
• Turn on Two-Factor Authentication if it’s available.

Teach employees about ransomware and phishing threats. These appear to be from an official like the IRS or FBI. If a screen pops up that says you’ll be fined if you don’t follow their instructions, don’t! If you do, the criminal will encrypt all your data and prevent you and your employees from accessing it. Teach them to:

Beware of messages that:

• Try to solicit your curiosity or trust.
• Contain a link that you must “check out now.”
• Contain a downloadable file like a photo, music, document or pdf file.

Don’t believe messages that contain an urgent call to action:

• With an immediate need to address a problem that requires you to verify information.
• Urgently asks for your help.
• Asks you to donate to a charitable cause.
• Indicates you are a “Winner” in a lottery or other contest, or that you’ve inherited money from a deceased relative.

Be on the lookout for messages that:

• Respond to a question you never asked.
• Create distrust.
• Try to start a conflict.

Watch for flags like:

• Misspellings
• Typos

Ask Your MSP to Help You with PCI Compliance.

PCI Compliance is not a one-time event but should be a continual process to ensure your IT systems are appropriately transmitting and storing sensitive data. It mandates that network and business practices are secure.

Failing to maintain compliance with the Payment Card Industry Data Security Standards (PCI DSS) can ruin your small business if you get hit with a data breach.

It’s not always easy to do this on your own. Your MSP can help by:

• Performing scans of your network to identify and eliminate vulnerabilities that can lead to data breaches.
• Monitoring network activity and blocking malicious activity before it can lock down or steal your data.
• Providing you the tools and resources to promote compliance.
• Implement data-breach protection solutions.
• Help you sign up for a breach assistance/cyber insurance program that provides for reimbursement of certain card brand fees that are charged if data is compromised. Some cover the costs of a data breach, which can be upwards of $100,000 or more.

Protect Your Business from Data Breaches, Fraud, and the Resulting Consequences

When you take all of this seriously, you’re not just protecting your customer’s confidential information; you’re also protecting your business from fraud.

Most companies that experience a data breach will see a rise in cost to retain existing customers. And, they will also see an increased cost to acquire new customers. When you add these increases in cost to the loss of revenue from customers that choose take their business to your competitors, you’ll soon see how your damaged reputation dramatically affects your company’s bottom line.

You don’t have to face this alone.

The right IT Managed Services Provider can be your best ally against security threats. From helping you with integrated and compliant POS systems to implementing technologies like encryption and tokenization, and providing compliance and breach assistance, the right IT Partner is worth every cent when it comes to helping you secure your business against the devastating effects of credit-card fraud and data breaches.

If you’re the owner or CEO of a small business, then you’re probably already functioning as the Chief Information Officer (CIO) as well. Most small businesses can’t justify paying for both. This means you have to take time from your priorities to manage your technology, ensure that it’s secure and decide what IT solutions to use. It’s not as easy to do this as it was in years past, simply because of the fast-evolving nature of technology, and the increasing incidence of hacking and data breaches.

But, did you know that you can “hire” a Virtual CIO (vCIO) at a fraction of the cost of hiring a CIO?

What is a vCIO?

A virtual CIO is a technology service provider who serves as your CIO. They help you develop an IT Strategic Plan, with up-to-date resources to ensure security, productivity, and efficiency. Rather than hiring your vCIO, you pay for the service on an on-demand basis.

This frees you from the daily worry about technology and whether it will run as it should. It also frees up your limited internal resources and allows your employees to concentrate on their core responsibilities.

A vCIO Will:

• Gain an understanding of both your business and your technology infrastructure and make sure your IT is aligned with your business goals.
• Help you with IT budgeting and cost control strategies to achieve your priorities and avoid unnecessary costs.
• Analyze any inefficiencies in your existing IT infrastructure and centralize/consolidate resources and operations to promote considerable financial savings.
• Advise on Organizational IT Design and replace outmoded processes so you can pursue market opportunities and overcome business challenges through updated, value-based technologies.
• Effectively incorporate technology into your operational processes and ensure security at all times.
• Develop and IT Strategic Plans that aligns with your budget.
• Learn about your competition, and what new IT solutions they are using.
• Interface with your managers and users to ensure that you meet your IT goals.
• Identify and evaluate the impacts of your technology decisions.
• Conduct ongoing evaluations to assess your IT needs and provide service performance metrics.
• Manage technology needs for specific projects, whether they are new ones or ongoing.
• Deliver monthly updates to your management, provide Quarterly IT Summaries that reveal the condition of each component of your network, and prepare other reports as required.
• Provide procurement assistance to ensure you get the best prices on hardware and software.

Your Virtual CIO Will Help Your Achieve These 10 Technology Priorities for 2018.

 Cybersecurity

Security is an essential factor for any organization, and small businesses like yours are the biggest target for hackers today. Risk assessment, data protection, training awareness, and third-party security practices are necessary to ensure maximum security and protection. Continuous diagnostic monitoring is required to view your network, identify risks, quantify attacks and/or breaches, and mitigate them. Digital forensic tools are especially important for companies that require regulatory compliance and incident management. Identity and access management is a security practice that enables only authorized individuals to access resources to comply with security and compliance requirements. These are crucial elements for any business. Your vCIO will manage all these and other cybersecurity requirements for your business.

Disaster Recovery and Business Continuity

Disaster recovery and business continuity refer to your organization’s ability to recover data after a disaster occurs and when IT services are shut down or compromised. Both practices involve the process of backing up data and preparing policies and procedures to implement in the event of a disaster. Your vCIO will confirm your business can stay up and running no matter the IT disaster, manmade or natural.

Mobile Workforce Technologies and Solutions

With the BYOD (bring your own device) trend, organizations are using mobile devices more than ever. Your business is competing in a mobile, technology-driven economy, and you must rely on your mobile workforce to ensure customer satisfaction and product/service innovation. The right mobility solutions ensure secure and simple access to data, tools, and applications from any location. Your vCIO will help you consider applications, support, ownership, security, and communication issues and policies that will ensure your mobile workforce is always productive, and your data is secure.

Cloud Computing, Software as a Service (SaaS) and Virtualization

Software as a Service utilizes a cloud-computing infrastructure to deliver a single application to your employees no matter their location. This is opposed to relying on the traditional one application per desktop. Cloud services are available to your employees via the Internet from a cloud provider’s servers and used instead of your company’s own on-premises servers. Virtualization refers to the creation of virtual servers, desktops, storage devices, applications, and computer network resources. You can virtualize your entire IT infrastructure or just specific aspects of it. Cloud services and virtualization provide easy, quick, scalable access to resources, applications, and services, and simplifies your overall IT infrastructure to promote efficiency.

Enterprise Resource Planning (ERP)

Enterprise Resource Planning involves the use of business management software that combines a variety of integrated applications to store and manage data for all aspects of your business operations. It includes product planning, manufacturing, marketing, inventory management, shipping, invoicing, accounts receivables and payables, and more. Software as a Service Enterprise Resource Planning (SaaS ERP) supports remote hosting of business IT services. It’s also known as Cloud Enterprise Resource Planning (Cloud ERP).

Strategic IT Planning

Strategic IT planning focuses on your organization’s specific needs and how to best use technology to meet them. IT is a strategic capability to be used and integrated into planning and projections with consideration of future IT innovations and business growth. Your vCIO will work with you to determine how technology will help you achieve your business priorities and prepare guidelines and policies that support your vision with the right IT solutions.

Networking: Data and Voice Communications

Data communications refer to the electronic transmission of information for storage and processing, while voice communications refer to systems such as mobile devices and VoIP systems. Your vCIO will help you implement the best communication solutions to keep your organization connected and up and running.

Legacy Application Modernization/Renovation

Legacy application modernization is the process of refactoring, re-purposing, or consolidating legacy software programs to align with a company’s current needs. This enables you to benefit from the advantages of new development without the risk and cost of replacing legacy systems.

Business Intelligence and Analytics for Big Data

Business intelligence, or BI, is a term that refers to a variety of software applications used to analyze an organization’s raw and big data (massive amounts of data). Business analytics is the process of exploring and investigating an organization’s data with emphasis on statistical analysis. This is becoming more important for even small businesses today. They are relying on software solutions like Microsoft Power BI (Business Intelligence) to transform data and create interactive reports to help them analyze data to reach their goals.

Shared Services

Many parts of an organization use the same services and resources. Shared services involve the consolidation of business services and resources used by multiple parts of an organization. For example, with service portfolio management, organizations can define and manage services and resources. By incorporating automation, virtualization, advanced analytics, and other digital technologies into your operations, you can streamline processes. These technologies also may enable you to make better decisions and improve the quality of customer interactions.

By taking advantage of the services a virtual CIO provides, you’ll enjoy all the benefits of a CIO without the added costs. Your vCIO will protect your important data, help you get the most from your technology budget, provide customized reports and recommendations, and ensure you meet the technology challenges of 2018 and beyond.

Dangerous cyberattacks have been released by a group of hackers known as The Shadow Brokers. These exploits will lock up your data for good – no ransom, no return.

But this isn’t all they do – they’ll also leave behind a parasite that lets them “hang out” inside your computer, infect others, and re-enter through a backdoor.

What’s really scary is that these attacks are getting past traditional next-generation security measures. In 99 percent of the cases, security researchers found that these threats bypassed security tools.

EternalBlue (the worst-ever recorded ransomware strike): In February 2018 EternalBlue was ported to all Windows operating systems. By exploiting a vulnerability in Microsoft’s Server Message Block (SMB) protocol, EternalBlue allowed the dangerous ransomware virus WannaCry to propagate and infect 230,000 computers.

EternalChampion and EternalRomance are two other exploits that were also reported at the same time EternalBlue was.

And then there’s EternalRocks, also known as MicroBotMassiveNet, which is a computer worm that infects Microsoft Windows. It uses seven exploits that were developed by the NSA and unknowingly leaked to hackers. As a comparison for you, the WannaCry ransomware program only uses two NSA exploits. Experts tell us that EternalRocks is much more dangerous.

EternalRocks installs the Tor anonymous network to conceal Internet activity. Your server then downloads EternalRocks to your computers. To avoid detection, it calls itself WannaCry. But unlike WannaCry there’s no kill switch.

EternalBlue and these other exploits use a backdoor implant tool to infect your systems. Plus, EternalRocks is self-replicating worm and leaves the back door open via DoublePulsar so that other hackers can load malware on your computer.

Backdoors leave you exposed to a multitude of cyber threats.

A backdoor is a port or malicious application that provides access to a server or network. It provides hackers with unauthorized remote access to your network by exploiting security procedures and authentication. Backdoors can be used for cybercriminals to gain remote access to your computers.

Backdoors work in the background and are hidden. They are much like other malware viruses and, therefore, difficult to detect.

A backdoor is one of the most dangerous types of computer parasites. It gives a criminal the ability to perform any possible actions on your computer.

The attacker can:

• Spy on what you do,
• Take over your files a user,
• Install additional software or malicious threats,
• Control your organizations’ entire PC system,
• Implement keystroke logging and screenshot captures,
• Infect files,
• Encrypt your data, and
• Attack other hosts on your network.

Plus, the parasite can work automatically on its own and do what the hacker wants.

A backdoor not only allows the hacker to access your computer and network, but it also lets them come back and enter your system again and again.

Backdoors are complicated for system administrators to deal with. In most of the cases, it’s very difficult to find out who is controlling the parasite. In fact, all backdoors are really hard to detect.

Before they can find out how hard it will be to block the hacker’s access, system administrators have to figure out the methods hackers will use. There are so many exploits now that makes this a very difficult, if not impossible task.

Plus, some of these backdoors can’t be detected because of the way they’re designed.

Even if your admin changes passwords when an attack is discovered, backdoor utilities can be programmed to give the hacker repeat access to your system.

They do this via computers on your IT system that don’t log on to the network very often. Because it appears that no one is using the machine, your system administrator doesn’t detect that a hacker is actually using it.

There’s another kind of backdoor utility that lets the hacker return to the network within a short period of time. This way they don’t have to find a vulnerability to exploit in order to gain access. But if your system administrator does detect them, they’ll just take the time to look for another vulnerability. As you can see, this can be a constant battle.

Password cracking is the most-used method of backdoor hacking to breach network security.

The hacker locates your accounts that use weak passwords. These are accounts that aren’t used often. The hacker creates an access point by changing the password. When the system administrator searches for the fragile accounts, the ones that have weak passwords, the passwords have already been changed won’t be visible.

Backdoors can degrade your Internet connection speed and system performance. They prevent you from removing them by hiding in files. Plus, there are no uninstall features to delete them.

There are 5 ways backdoor threats can get in:

1. You can accidentally install them on your computers. Sometimes they come attached to phishing emails or file-sharing programs. They look safe and can trick you into opening and executing them.
2. They get installed by viruses like spyware or Trojans without your knowledge. Then they infect each profile for those who use that compromised computer.
3. They can be manually installed by malicious insiders who are authorized to install software on your computers. Then the backdoors can spread by exploiting remote systems with security vulnerabilities.
4. Some backdoors come with applications, including legitimate ones. Once the hacker gains access to a computer and access to the software installed on it, they have the authorization to take control and infect the software.
5. Backdoors can infect a computer by exploiting software vulnerabilities. They work just like computer worms and automatically spread without you knowing it. You won’t be alerted by warnings, setup wizards or dialog boxes when this happens.

What can you do to protect your business from backdoor threats?

Backdoor parasites are extremely dangerous and must be removed from the system. It’s essential that you contact your Technology Solutions Provider so they can do the following:

1. Block external access to all Server Message Block ports on the public internet.
2. Patch all Server Message Block vulnerabilities.
3. Block access to C&C servers (ubgdgno5eswkhmpy.onion) and
4. Install a DoublePulsar detection script.
5. Make sure to use an up-to-date analytics tool to monitor for insider threats.
6. Monitor your system for any newly added scheduled tasks.

 Contact our cybersecurity experts. We can “shut your backdoors.”